Security Boulevard

The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity

The Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload ...
TechRadar

Microsoft says all Azure sign-ins will now need to use multi-factor authentication to enhance account security

Microsoft has announced all Azure sign-ins will soon have to use multi-factor authentication (MFA) to enhance account security. The authentication methods offered by the Azure platform include mobile ...
CSOonline

How Azure Active Directory opens new authentication risks

Hybrid cloud identity and access management services add complexity and opportunity for attackers to network authentication processes, as recently demonstrated for Azure AD. It’s been common knowledge ...
Bleeping Computer

Latest Azure AD news

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. Microsoft has fixed an issue that caused Entra ID DNS ...
Security Boulevard

MCP Authentication and Authorization Patterns

In MCP, every request comes from a nonhuman identity: an agent, server or tool. These identities don't act under direct human oversight. They generate requests dynamically, chain operations and carry ...